A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings.
Which of the following is the MOST likely risk in this situation?
A.
An attacker can access and change the printer configuration.
B.
SNMP data leaving the printer will not be properly encrypted.
C.
An MITM attack can reveal sensitive information.
D.
An attacker can easily inject malicious code into the printer firmware.
E.
Attackers can use the PCL protocol to bypass the firewall of client computers.
I am inclined to think that C is the correct answer.
https://esj.com/articles/2009/04/28/print-stream.aspx
1
4
B doesn’t have anything to do with people using PCL.
The risk of PCL is the information being sent to the printer can be captured encrypted. So B is the best answer.
10
5
Wut?
7
0
I’m little bit confused you said b and the opposite.
0
0
JohnnyMac URL = https://esj.com/articles/2009/04/28/print-stream.aspx funily enough says that the PCL Protocol has issues with unencrypted data.
Unencrypted Print Data are Easy Prey
Unencrypted print data are a weakness in every IT security environment because without encryption, all printing protocols transmit print data as (more or less) readable, clear text. The printer command languages PCL (Printer Control Language) and Postscript are page-description protocols that include the document information in clear text in addition to control and command characters. Reading a text transmitted in ASCII format is even simpler.
Hackers need only a simple sniffer application — which they can download from the Internet — to record print data during transmission. They can easily find freeware applications that enable them to read this data — even in the format of the original document. Attackers can manipulate and resend this data with agent software to redirect print data coming from other clients to the sniffer, then manipulate the original data with a simple editor and print it via the Windows LPR command. Common printing protocols (LPD/LPR/Sockets, SMB/CIFS etc.) cannot encrypt print data and offer no protection.
So this means that : B- SNMP data leaving the printer will not be properly encrypted.
9
1
This article says nothing about SNMP
2
0
I don’t understand what SNMP has to do with print jobs being sent to the printer. If the print data is not encrypted, can’t a MITM read it with ease, thus revealing sensitive information?
Someone please tell me what I am missing here.
2
1